| # | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail. | Description |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 51 | CVE-2017-1000198 | 119 | | DoS Overflow | 2017-11-17 | 2017-12-02 | 5.0 | None | Remote | Low | Not required | None | None | Partial | tcmu-runner daemon version 0.9.0 to 1.2.0 is vulnerable to invalid memory references in the handler_glfs.so handler resulting in denial of service |
| 52 | CVE-2017-1000197 | 417 | | | 2017-11-17 | 2020-08-03 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | October CMS build 412 is vulnerable to file path modification in asset move functionality resulting in creating malicious files on the server. |
| 53 | CVE-2017-1000196 | 94 | | Exec Code | 2017-11-17 | 2020-08-03 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | October CMS build 412 is vulnerable to PHP code execution in the asset manager functionality resulting in site compromise and possibly other applications on the server. |
| 54 | CVE-2017-1000195 | 502 | | | 2017-11-17 | 2020-08-03 | 6.4 | None | Remote | Low | Not required | None | Partial | Partial | October CMS build 412 is vulnerable to PHP object injection in asset move functionality resulting in ability to delete files limited by file permissions on the server. |
| 55 | CVE-2017-1000194 | 434 | | | 2017-11-17 | 2020-08-03 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | October CMS build 412 is vulnerable to Apache configuration modification via file upload functionality resulting in site compromise and possibly other applications on the server. |
| 56 | CVE-2017-1000193 | 79 | | Exec Code XSS | 2017-11-17 | 2020-08-03 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | October CMS build 412 is vulnerable to stored WCI (a.k.a XSS) in brand logo image name resulting in JavaScript code execution in the victim's browser. |
| 57 | CVE-2017-1000192 | | | File Inclusion | 2017-11-17 | 2019-10-03 | 5.0 | None | Remote | Low | Not required | Partial | None | None | Cygnux sysPass version 2.1.7 and older is vulnerable to a Local File Inclusion in the functionality of javascript files inclusion. The attacker can read the configuration files that contain the login and password from the database, private encryption key, as well as other sensitive information. |
| 58 | CVE-2017-1000191 | 400 | | | 2017-11-17 | 2017-12-04 | 7.8 | None | Remote | Low | Not required | None | None | Complete | Jool 3.5.0-3.5.1 is vulnerable to a kernel crashing packet resulting in a DOS. |
| 59 | CVE-2017-1000190 | 611 | | | 2017-11-17 | 2019-07-23 | 6.4 | None | Remote | Low | Not required | Partial | None | Partial | SimpleXML (latest version 2.7.1) is vulnerable to an XXE vulnerability resulting in SSRF, information disclosure, DoS and so on. |
| 60 | CVE-2017-1000189 | 20 | | | 2017-11-17 | 2017-11-30 | 5.0 | None | Remote | Low | Not required | None | None | Partial | nodejs ejs version older than 2.5.5 is vulnerable to a denial-of-service due to weak input validation in the ejs.renderFile() |
| 61 | CVE-2017-1000188 | 79 | | XSS | 2017-11-17 | 2017-11-30 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | nodejs ejs version older than 2.5.5 is vulnerable to a Cross-site-scripting in the ejs.renderFile() resulting in code injection |
| 62 | CVE-2017-1000187 | 119 | | Overflow | 2017-11-17 | 2017-11-27 | 4.3 | None | Remote | Medium | Not required | None | None | Partial | In SWFTools, an address access exception was found in pdf2swf. FoFiTrueType::writeTTF() |
| 63 | CVE-2017-1000186 | 119 | | Overflow | 2017-11-17 | 2017-11-27 | 4.3 | None | Remote | Medium | Not required | None | None | Partial | In SWFTools, a stack overflow was found in pdf2swf. |
| 64 | CVE-2017-1000185 | 119 | | Overflow | 2017-11-17 | 2017-11-27 | 4.3 | None | Remote | Medium | Not required | None | None | Partial | In SWFTools, a memcpy buffer overflow was found in gif2swf. |
| 65 | CVE-2017-1000182 | 772 | | | 2017-11-17 | 2019-10-03 | 4.3 | None | Remote | Medium | Not required | None | None | Partial | In SWFTools, a memory leak was found in wav2swf. |
| 66 | CVE-2017-1000176 | 119 | | Overflow | 2017-11-17 | 2017-11-27 | 4.3 | None | Remote | Medium | Not required | None | None | Partial | In SWFTools, a memcpy buffer overflow was found in swfc. |
| 67 | CVE-2017-1000174 | 119 | | Overflow | 2017-11-17 | 2017-11-27 | 4.3 | None | Remote | Medium | Not required | None | None | Partial | In SWFTools, an address access exception was found in swfdump swf_GetBits(). |
| 68 | CVE-2017-1000173 | 125 | | Exec Code Overflow | 2017-11-17 | 2019-10-03 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | Creolabs Gravity Version: 1.0 Heap Overflow Potential Code Execution. By creating a large loop while pushing data to a buffer, we can break out of the bounds checking of that buffer. When list.join is called on the data it will read past a buffer resulting in a Heap-Buffer-Overflow. |
| 69 | CVE-2017-1000172 | 416 | | Exec Code | 2017-11-17 | 2017-11-30 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | Creolabs Gravity Version: 1.0 Use-After-Free Possible code execution. An example of a Heap-Use-After-Free after the 'sublexer' pointer has been freed. Line 542 of gravity_lexer.c. 'lexer' is being used to access a variable but 'lexer' has already been freed, creating a Heap Use-After-Free condition. |
| 70 | CVE-2017-1000171 | 532 | | | 2017-11-03 | 2017-11-22 | 5.0 | None | Remote | Low | Not required | Partial | None | None | Mahara Mobile before 1.2.1 is vulnerable to passwords being sent to the Mahara access log in plain text. |
| 71 | CVE-2017-1000170 | 22 | | Dir. Trav. | 2017-11-17 | 2021-03-25 | 5.0 | None | Remote | Low | Not required | Partial | None | None | jqueryFileTree 2.1.5 and older Directory Traversal |
| 72 | CVE-2017-1000169 | 20 | | Exec Code | 2017-11-17 | 2017-12-02 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | QuickerBB version <= 0.7.2 is vulnerable to arbitrary file writes which can lead to remote code execution. This can lead to the complete takeover of the server hosting QuickerBB. |
| 73 | CVE-2017-1000168 | | | | 2017-11-17 | 2019-10-03 | 4.3 | None | Remote | Medium | Not required | Partial | None | None | sodiumoxide 0.0.13 and older scalarmult() vulnerable to degenerate public keys |
| 74 | CVE-2017-1000164 | 79 | | Exec Code XSS | 2017-11-17 | 2017-11-29 | 3.5 | None | Remote | Medium | ??? | None | Partial | None | Tine 2.0 version 2017.02.4 is vulnerable to XSS in the Addressbook resulting in code execution and privilege escalation |
| 75 | CVE-2017-1000163 | 601 | | | 2017-11-17 | 2017-12-03 | 5.8 | None | Remote | Medium | Not required | Partial | Partial | None | The Phoenix Framework versions 1.0.0 through 1.0.4, 1.1.0 through 1.1.6, 1.2.0, 1.2.2 and 1.3.0-rc.0 are vulnerable to unvalidated URL redirection, which may result in phishing or social engineering attacks. |
| 76 | CVE-2017-1000160 | 79 | | XSS | 2017-11-17 | 2020-07-06 | 3.5 | None | Remote | Medium | ??? | None | Partial | None | EllisLab ExpressionEngine 3.4.2 is vulnerable to cross-site scripting resulting in PHP code injection |
| 77 | CVE-2017-1000159 | 78 | | | 2017-11-27 | 2019-10-03 | 4.6 | None | Local | Low | Not required | Partial | Partial | Partial | Command injection in evince via filename when printing to PDF. This affects versions earlier than 3.25.91. |
| 78 | CVE-2017-1000158 | 190 | | Exec Code Overflow | 2017-11-17 | 2022-06-27 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution) |
| 79 | CVE-2017-1000157 | 200 | | +Info | 2017-11-03 | 2017-11-13 | 3.5 | None | Remote | Medium | ??? | Partial | None | None | Mahara 15.04 before 15.04.13 and 16.04 before 16.04.7 and 16.10 before 16.10.4 and 17.04 before 17.04.2 are vulnerable to recording plain text passwords in the event_log table during the user creation process if full event logging was turned on. |
| 80 | CVE-2017-1000156 | 269 | | | 2017-11-03 | 2019-10-03 | 5.5 | None | Remote | Low | ??? | Partial | Partial | None | Mahara 15.04 before 15.04.9 and 15.10 before 15.10.5 and 16.04 before 16.04.3 are vulnerable to a group's configuration page being editable by any group member even when they didn't have the admin role. |
| 81 | CVE-2017-1000155 | 200 | | +Info | 2017-11-03 | 2017-11-13 | 4.0 | None | Remote | Low | ??? | Partial | None | None | Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before 16.04.2 are vulnerable to profile pictures being accessed without any access control checks consequently allowing any of a user's uploaded profile pictures to be viewable by anyone, whether or not they were currently selected as the "default" or used in any pages. |
| 82 | CVE-2017-1000154 | 287 | | | 2017-11-03 | 2017-11-13 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before 16.04.2 are vulnerable to some authentication methods, which do not use Mahara's built-in login form, still allowing users to log in even if their institution was expired or suspended. |
| 83 | CVE-2017-1000153 | 732 | | | 2017-11-03 | 2019-10-03 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | Mahara 15.04 before 15.04.10 and 15.10 before 15.10.6 and 16.04 before 16.04.4 are vulnerable to incorrect access control after the password reset link is sent via email and then user changes default email, Mahara fails to invalidate old link. Consequently the link in email can be used to gain access to the user's account. |
| 84 | CVE-2017-1000152 | | | | 2017-11-03 | 2019-10-03 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | Mahara 15.04 before 15.04.7 and 15.10 before 15.10.3 running PHP 5.3 are vulnerable to one user being logged in as another user on a separate computer as the same session ID is served. This situation can occur when a user takes an action that forces another user to be logged out of Mahara, such as an admin changing another user's account settings. |
| 85 | CVE-2017-1000151 | 200 | | +Info | 2017-11-03 | 2017-11-13 | 5.0 | None | Remote | Low | Not required | Partial | None | None | Mahara 15.04 before 15.04.9 and 15.10 before 15.10.5 and 16.04 before 16.04.3 are vulnerable to passwords or other sensitive information being passed by unusual parameters to end up in an error log. |
| 86 | CVE-2017-1000150 | 384 | | | 2017-11-03 | 2017-11-13 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial | Mahara 15.04 before 15.04.7 and 15.10 before 15.10.3 are vulnerable to prevent session IDs from being regenerated on login or logout. This makes users of the site more vulnerable to session fixation attacks. |
| 87 | CVE-2017-1000149 | 79 | | XSS | 2017-11-03 | 2017-11-15 | 3.5 | None | Remote | Medium | ??? | None | Partial | None | Mahara 1.10 before 1.10.9 and 15.04 before 15.04.6 and 15.10 before 15.10.2 are vulnerable to XSS due to window.opener (target="_blank" and window.open()) |
| 88 | CVE-2017-1000148 | 502 | | Exec Code | 2017-11-03 | 2019-10-03 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial | Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before 16.04.2 are vulnerable to PHP code execution as Mahara would pass portions of the XML through the PHP "unserialize()" function when importing a skin from an XML file. |
| 89 | CVE-2017-1000147 | 352 | | CSRF | 2017-11-03 | 2017-11-15 | 6.0 | None | Remote | Medium | ??? | Partial | Partial | Partial | Mahara 1.9 before 1.9.8 and 1.10 before 1.10.6 and 15.04 before 15.04.3 are vulnerable to perform a cross-site request forgery (CSRF) attack on the uploader contained in Mahara's filebrowser widget. This could allow an attacker to trick a Mahara user into unknowingly uploading malicious files into their Mahara account. |
| 90 | CVE-2017-1000146 | 79 | | XSS | 2017-11-03 | 2017-11-15 | 3.5 | None | Remote | Medium | ??? | None | Partial | None | Mahara 1.9 before 1.9.7 and 1.10 before 1.10.5 and 15.04 before 15.04.2 are vulnerable to the arbitrary execution of Javascript in the browser of a logged-in user because the title of the portfolio page was not being properly escaped in the AJAX script that updates the Add/remove watchlist link on artefact detail pages. |
| 91 | CVE-2017-1000145 | | | | 2017-11-03 | 2019-10-03 | 4.0 | None | Remote | Low | ??? | None | Partial | None | Mahara 1.9 before 1.9.7 and 1.10 before 1.10.5 and 15.04 before 15.04.2 are vulnerable to anonymous comments being able to be placed on artefact detail pages even when the site administrator had disallowed anonymous comments. |
| 92 | CVE-2017-1000144 | 79 | | XSS | 2017-11-03 | 2017-11-15 | 3.5 | None | Remote | Medium | ??? | None | Partial | None | Mahara 1.9 before 1.9.6 and 1.10 before 1.10.4 and 15.04 before 15.04.1 are vulnerable to a site admin or institution admin being able to place HTML and Javascript into an institution display name, which will be displayed to other users unescaped on some Mahara system pages. |
| 93 | CVE-2017-1000143 | 200 | | +Info | 2017-11-03 | 2017-11-15 | 4.0 | None | Remote | Low | ??? | Partial | None | None | Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 and 15.04 before 15.04.0 are vulnerable to users receiving watchlist notifications about pages they do not have access to anymore. |
| 94 | CVE-2017-1000142 | | | | 2017-11-03 | 2019-10-03 | 5.5 | None | Remote | Low | ??? | None | Partial | Partial | Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 and 15.04 before 15.04.0 are vulnerable to users being able to delete their submitted page through URL manipulation. |
| 95 | CVE-2017-1000140 | 79 | | Exec Code XSS | 2017-11-03 | 2017-11-15 | 3.5 | None | Remote | Medium | ??? | None | Partial | None | Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 and 15.04 before 15.04.0 are vulnerable to a maliciously created .xml file that can have its code executed when user tries to download the file. |
| 96 | CVE-2017-1000139 | 918 | | | 2017-11-03 | 2017-11-15 | 6.0 | None | Remote | Medium | ??? | Partial | Partial | Partial | Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 and 15.04 before 15.04.0 are vulnerable to server-side request forgery attacks as not all processes of curl redirects are checked against a white or black list. Employing SafeCurl will prevent issues. |
| 97 | CVE-2017-1000138 | 79 | | XSS | 2017-11-03 | 2017-11-15 | 3.5 | None | Remote | Medium | ??? | None | Partial | None | Mahara 1.10 before 1.10.0 and 15.04 before 15.04.0 are vulnerable to possible cross site scripting when dragging/dropping files into a collection if the file has Javascript code in its title. |
| 98 | CVE-2017-1000137 | 79 | | XSS | 2017-11-03 | 2017-11-15 | 3.5 | None | Remote | Medium | ??? | None | Partial | None | Mahara 1.10 before 1.10.0 and 15.04 before 15.04.0 are vulnerable to possible cross site scripting when adding a text block to a page via the keyboard (rather than drag and drop). |
| 99 | CVE-2017-1000136 | 613 | | | 2017-11-03 | 2017-11-15 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | Mahara 1.8 before 1.8.6 and 1.9 before 1.9.4 and 1.10 before 1.10.1 and 15.04 before 15.04.0 are vulnerable to old sessions not being invalidated after a password change. |
| 100 | CVE-2017-1000135 | 613 | | | 2017-11-03 | 2017-11-15 | 4.0 | None | Remote | Low | ??? | None | Partial | None | Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 and 15.04 before 15.04.0 are vulnerable as logged-in users can stay logged in after the institution they belong to is suspended. |